Certified Information Systems Auditor (CISA) — Question 1150

Which of the following would be the GREATEST concern for an IS auditor conducting a pre-implementation review of a data loss prevention (DLP) tool?

Answer options

• A. The tool is implemented in monitor mode rather than block mode.
• B. Crawlers are used to discover sensitive data.
• C. Deep packet inspection opens data packets in transit.
• D. Encryption keys are not centrally managed.

Correct answer: D

Explanation

The central management of encryption keys is crucial for security, as it prevents unauthorized access and ensures proper key lifecycle management. If keys are not managed centrally, it increases the risk of key loss or misuse. The other options, while important, do not pose as significant a risk to data security as the mismanagement of encryption keys.